Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/kwf3diPqFEjC49Agn9EfurQaNLA.roa
File: kwf3diPqFEjC49Agn9EfurQaNLA.roa (raw, json)
Hash identifier: quukPFYPRXjWrztXzHlVfR0nKQU2M4F6SRiRoyWBxmY=
Subject key identifier: 93:07:F7:76:23:EA:14:48:C2:E3:D0:20:9F:D1:1F:BA:B4:1A:34:B0
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 01856B81063661097C00F561E161BA7EA47C
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/kwf3diPqFEjC49Agn9EfurQaNLA.roa
Signing time: Sun 01 Jan 2023 04:04:55 +0000
ROA not before: Sun 01 Jan 2023 04:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204385
IP address blocks: 31.202.15.0/24 maxlen: 24
2a00:1210:fffe::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:06:36:61:09:7c:00:f5:61:e1:61:ba:7e:a4:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Jan 1 04:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9307f77623ea1448c2e3d0209fd11fbab41a34b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2d:98:21:09:53:bc:39:20:15:3d:a8:c8:64:
39:c0:de:56:fe:e0:a7:8b:c8:d5:a2:da:98:95:c4:
61:c5:ff:21:f0:25:ab:71:22:32:89:ac:65:7a:fa:
ae:e4:b3:41:3c:1d:e3:3d:f5:9c:40:e3:cc:88:02:
cd:c3:f9:e0:5d:35:77:46:42:1b:19:47:92:e3:76:
38:61:1c:4e:23:69:68:48:23:8e:5c:87:f8:cd:18:
d9:b9:f8:4a:a1:ea:af:3d:ad:d3:8c:0d:ca:a5:da:
22:3c:6b:07:cf:1e:10:27:f2:8f:96:a9:a6:b4:e2:
ad:7f:30:19:eb:56:cd:96:33:c3:4b:45:d0:80:c2:
63:d7:ba:8c:a1:5d:ef:e3:a6:c0:c7:72:83:de:47:
b2:50:b6:2f:7c:46:80:8c:b4:59:be:ba:4a:3f:8c:
5f:c2:30:37:08:2f:95:fa:4d:7f:67:98:39:5b:ca:
d6:34:d0:35:39:a1:04:2a:8f:41:9c:de:be:5d:b0:
63:76:2a:d3:70:e6:fe:c7:a6:31:a9:78:63:d7:74:
38:46:98:d7:ec:0c:66:94:c7:ec:52:cc:a4:df:f4:
b6:46:4c:38:8f:79:72:e1:7d:38:bc:29:67:6c:7f:
72:cf:7b:28:ef:38:d3:78:73:69:4a:91:39:23:75:
78:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:07:F7:76:23:EA:14:48:C2:E3:D0:20:9F:D1:1F:BA:B4:1A:34:B0
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/kwf3diPqFEjC49Agn9EfurQaNLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.202.15.0/24
IPv6:
2a00:1210:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
9b:3e:5e:66:cc:ad:9d:94:01:35:b1:33:5f:3f:71:f1:75:90:
5d:00:75:c2:79:5f:eb:88:9d:ae:5b:65:d4:cd:b7:ff:ec:75:
73:49:45:66:c1:2a:da:da:13:a8:c9:2f:38:fa:2e:89:8e:dd:
4e:91:58:73:58:f8:e8:a4:ae:2e:48:9b:4a:ba:02:62:62:6e:
7a:02:91:e9:29:82:d5:fd:b4:12:4c:6e:46:8a:f9:ef:a3:b8:
1a:f2:68:f7:21:6b:95:d7:77:74:8e:95:41:a7:8c:f2:87:f5:
0e:6f:37:af:b1:7c:2b:7e:ef:a1:ca:33:58:72:db:b6:ed:0d:
a3:52:6b:88:14:50:63:eb:7f:e7:e4:2d:a3:1d:d3:b9:4c:d9:
61:2e:d1:c7:4a:42:93:95:91:31:38:9b:86:58:53:1f:5c:c9:
aa:34:52:ab:25:43:7e:50:5d:00:8a:56:d2:f6:4b:1c:1d:1e:
05:38:ba:bc:76:82:02:22:03:fe:28:d7:c1:44:2c:03:fa:e3:
9d:92:ba:bc:e6:62:7c:56:54:31:41:ed:79:7c:5c:6f:2a:f6:
10:8e:bf:82:59:e3:86:e9:ab:c1:f9:b2:95:e5:c1:df:c7:b0:
a6:df:69:4c:d5:09:fb:34:56:eb:dc:27:65:4c:27:74:e4:f5:
b0:19:50:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrgQY2YQl8APVh4WG6fqR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjMwMTAxMDQwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA3Zjc3NjIzZWExNDQ4YzJlM2QwMjA5ZmQxMWZiYWI0MWEzNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1i2YIQlTvDkgFT2oyGQ5wN5W/uCn
i8jVotqYlcRhxf8h8CWrcSIyiaxlevqu5LNBPB3jPfWcQOPMiALNw/ngXTV3RkIb
GUeS43Y4YRxOI2loSCOOXIf4zRjZufhKoeqvPa3TjA3KpdoiPGsHzx4QJ/KPlqmm
tOKtfzAZ61bNljPDS0XQgMJj17qMoV3v46bAx3KD3keyULYvfEaAjLRZvrpKP4xf
wjA3CC+V+k1/Z5g5W8rWNNA1OaEEKo9BnN6+XbBjdirTcOb+x6YxqXhj13Q4RpjX
7AxmlMfsUsyk3/S2Rkw4j3ly4X04vClnbH9yz3so7zjTeHNpSpE5I3V48wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJMH93Yj6hRIwuPQIJ/RH7q0GjSwMB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEva3dmM2RpUHFGRWpDNDlBZ245RWZ1clFhTkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAH8oPMA8E
AgACMAkDBwAqABIQ//4wDQYJKoZIhvcNAQELBQADggEBAJs+XmbMrZ2UATWxM18/
cfF1kF0AdcJ5X+uIna5bZdTNt//sdXNJRWbBKtraE6jJLzj6LomO3U6RWHNY+Oik
ri5Im0q6AmJibnoCkekpgtX9tBJMbkaK+e+juBryaPcha5XXd3SOlUGnjPKH9Q5v
N6+xfCt+76HKM1hy27btDaNSa4gUUGPrf+fkLaMd07lM2WEu0cdKQpOVkTE4m4ZY
Ux9cyao0UqslQ35QXQCKVtL2SxwdHgU4urx2ggIiA/4o18FELAP6452SurzmYnxW
VDFB7Xl8XG8q9hCOv4JZ44bpq8H5spXlwd/HsKbfaUzVCfs0VuvcJ2VMJ3Tk9bAZ
UJ0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:10 2024 by rpki-client on console-ams.rpki-client.org